Scribd
Upload
90 views

Bind Dns On Centos

This document provides instructions for installing and configuring DNS (BIND) on a CentOS 6 server. It describes how to configure the server's IP address, hostname, and DNS settings. It also explains how to install and configure BIND, create forward and reverse DNS zones for the domain, and open the necessary ports in the firewall. Once completed, DNS lookups can be tested to validate that the name resolution is working properly.

Uploaded by

Md Tanjil Islam Bappi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
90 views

Bind Dns On Centos

This document provides instructions for installing and configuring DNS (BIND) on a CentOS 6 server. It describes how to configure the server's IP address, hostname, and DNS settings. It also explains how to install and configure BIND, create forward and reverse DNS zones for the domain, and open the necessary ports in the firewall. Once completed, DNS lookups can be tested to validate that the name resolution is working properly.

Uploaded by

Md Tanjil Islam Bappi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

How to Install DNS (BIND) on CentOS 6.

x
Here is the required information which will be used in configuration
9 IP Address
: 191.140.30.15
9 Hostname
: ns1
9 Domain Name
: dragongang.com
9 FQDN
: ns1.dragongang.com
9 BIND Listen Port
: 53
9 BIND Forward Zone : fwd.dragongang.com
9 BIND Reverse Zone : rev.dragongang.com
IP Address Configuration:
o Assume that you have fresh centos installed on your box and logged in as root user.
o Now from terminal check your ip address setting with following command
cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=dhcp
HWADDR=DE:AD:BE:EF:CA:FE
IPV6INIT=yes
NM_CONTROLLED=yes
ONBOOT=yes
TYPE=Ethernet
UUID=here will be something
o Now turn off network manager by following command
service NetworkManager stop && chkconfig NetworkManager off
o Now configure IP address as required by following command
cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
HWADDR=DE:AD:BE:EF:CA:FE
IPV6INIT=yes
NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
UUID=here will be something
IPADDR=191.140.30.15
NETMASK=255.255.255.0
GATEWAY=191.140.30.1
DNS1=191.140.30.15
DNS2=8.8.8.8
USERCTL=no
o

Now restart the networking service


service network restart

Hostname Configuration:
o Change your hostname with the following command
echo "191.140.30.15 ns1 ns1.dragongang.com" >/etc/hosts
Resolver Configuration:
o Change the /etc/resolv.conf file with the following command
vim /etc/resolv.conf
domain dragongang.com

Local
o

o
o

search dragongang.com
nameserver 191.140.30.15
nameserver 8.8.8.8
Repository Create:
Now mount installation disk into /mnt, create a folder (localrepo) in / directory and copy all file
from /mnt to /localrepo
mount /dev/sr0 /mnt
mkdir /localrepo
cp -R /mnt/* /localrepo/
Wait until finish copying all files into disk
Now Create repo file with your desired name
mkdir /repos
mv /etc/yum.repos.d/* /repos/
vim /etc/yum.repos.d/dragon.repo
[dragonrepo]
name=Linux Local Repo for Dragongang
baseurl=file:///localrepo
enabled=1
gpgcheck=0
yum clean all

Install BIND
o Now Install bind using below command and follow the steps
yum install bind bind-chroot bind-dyndb-ldap bind-utils*
Configure BIND
o Change the blue marked lines as desired
vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1; 191.140.30.15; };
listen-on-v6 port 53 { ::1; };
directory
"/var/named";
dump-file
"/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query
{ localhost; any; };
recursion no;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";

managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
//Forward Zone File Declaration
zone dragongang.com IN {
type master;
file fwd.dragongang.com;
};
//Reverse Zone File Declaration
zone 30.140.191.in-addr.arpa IN {
type master;
file rev.dragongang.com;
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
o

Now Create Zone Files as stated in /etc/named.conf


cp /var/named/named.localhost /var/named/fwd.dragongang.com
cp /var/named/named.loopback /var/named/rev.dragongang.com
vim /var/named/fwd.dragongang.com
$TTL 1D
@
IN SOA dragongang.com. root.dragongang.com. (
2014091401
; serial
1D
; refresh
1H
; retry
1W
; expire
3H ) ; minimum
@
IN
NS
ns1.dragongang.com.
ns1
IN
A
191.140.30.15
vim /var/named/rev.dragongang.com
$TTL 1D
@
IN SOA dragongang.com. root.dragongang.com. (
2014091401
; serial
1D
; refresh
1H
; retry
1W
; expire

3H ) ; minimum
@
IN
NS
ns1.dragongang.com.
ns1
IN
A
191.140.30.15
15
IN
PTR
ns1.dragongang.com.
o Now Change the file owner and permission
chown named:named /var/named/fwd.dragongang.com /var/named/rev.dragongang.com
/etc/named.conf
chmod 755 /var/named/fwd.dragongang.com /var/named/rev.dragongang.com /etc/named.conf
o Now Start BIND Service by following command
service named start && chkconfig named on
o Now check using nslookup
nslookup ns1.dragongang.com
dig dragongang.com
IPTables Configuration
o Accept Traffic for 53 port from tcp and udp protocol using following command
iptables -A INPUT -p udp -m state --state NEW --dport 53 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW --dport 53 -j ACCEPT
service iptables save
service iptables restart
o Similarly Accept Traffic for you desired port
o Now Reboot your server and check the services.

You might also like